Search Results

Search found 3588 results on 144 pages for 'digital certificate'.

Page 38/144 | < Previous Page | 34 35 36 37 38 39 40 41 42 43 44 45  | Next Page >

  • Using SSL and SslStream for peer to peer authentication?

    - by Scott Whitlock
    I need to provide secure communication between various processes that are using TCP/IP sockets for communication. I want both authentication and encryption. Rather than re-invent the wheel I would really like to use SSL and the SslStream class and self-signed certificates. What I want to do is validate the remote process's certificate against a known copy in my local application. (There doesn't need to be a certificate authority because I intend for the certificates to be copied around manually). To do this, I want the application to be able to automatically generate a new certifiate the first time it is run. In addition to makecert.exe, it looks like this link shows a way to automatically generate self-signed certificates, so that's a start. I've looked at the AuthenticateAsServer and AuthenticateAsClient methods of SslStream. You can provide call-backs for verification, so it looks like it's possible. But now that I'm into the details of it, I really don't think it's possible to do this. Am I going in the right direction? Is there a better alternative? Has anyone done anything like this before (basically peer-to-peer SSL rather than client-server)?

    Read the article

  • iPhone Custom CA certificate for an application which uses NSURLConnection?

    - by jr
    I have an application which is communicating with many different sites and each site has its own SSL certificate signed by our own internal CA. Doing this prevents us the need from purchasing SSL certificates for each site (hundreds or thousands) and is more secure then using a wildcard certificate with a shared key on each of those sites. So, basically using a CA certificate is the only way. Right now, I have a mobileprovision file which will install the CA certificate as a profile on the phone. When our iPhone application launches if it gets an SSL Certificate error it redirects to a this mobile provision file via Safari and the user will be prompted to install the CA. The problem is that I am concerned that the Apple AppStore might deny my app for doing this (Just some feedback from other developers at this point), and I wanted to research other ways to accomplish this. Basically what I need to accomplish is allow an SSL connection which will verify against a custom CA certificate which will be embedded in my application. This will make the CA certificate active for only the calls I make. I am using the standard NSURLConnection methods in order to communicate with the service. Is this possible? Can someone show me how to load the CA (what form PEM?) and add it to the list of trusted CA certificates for my application? If that is not possible what other options do I have? Just trusting all certificates isn't really any option, we want to prevent man in the middle attacks and only trust our CA issued certificates. Thanks!

    Read the article

  • Need help setting up a truststore's chain of authority (in Tomcat)

    - by codeinfo
    Lead in ... I'm not an expert, by far, in application security via SSL, but am trying to establish a test environment that includes all possible scenarios we may encounter in production. For this I have a tree of Certificate Authorities (CAs) that are the issuers of an assortment of test client certificates, and node/server certificates (complex test environment representing the various published web services and other applications we integrate with). The structure of these CAs are as follows: Root CA, which has signed/issued Sub CA1, Sub CA2, and Sub CA3. These subs have then signed/issued all certificates of those various nodes and clients in the environment. Now for the question .... In my application's truststore I would like to trust everything signed by Sub CA1, and Sub CA2, but not Sub CA3 (untrusted). Does this mean my truststore should (1) ONLY include Sub CA1 and Sub CA2, or (2) should it include Root CA, Sub CA1, and Sub CA2? I don't know what is the proper way to represent this trust chain in a truststore. In the future I would also like to add a Sub CA4 (also signed/issued by the Root CA), but add that to a Certificate Revocation List (CRL) for testing purposes. Ahead of time, thank you for any help concerning this. It's greatly appreciated.

    Read the article

  • Used HDD/ran DiskSmartView/40,000 Power-on-hours?? should i trust it w/ my data, or take it back and bitch?

    - by David Lindsay
    I just bought a used hard drive from a University Surplus Store. Decided to run DiskSmartView to make sure it wasn't ready to fail. 40,000 power-on-hours I don't know if I feel like trusting my data to something that used. I really dont know if thats unreasonably old, but when i compare it to the POH reading i get when testing my other hdds its more than 3x older (my others have 2110 hours, 6150 hours, etc.. It's a Western Digital, so that gives me a little bit of hope(WDC WD4000KD-00NAB0). I could sure use someone else's opinion here. Thanks, DAVE

    Read the article

  • ext4: error loading journal

    - by cloudyOutside
    I have an external hard drive with two partitions: A small FAT32 which is mostly empty and works fine and a large ext4 with tons of data, most of which isn't backed up. The ext4 is visible, but can't be mounted. I get an "error loading journal" error. The drive is a Western Digital Caviar Blue 500GB. Roughly 30GB of that is FAT32 and the rest is the ext4. The light on the enclosure turns red when reading from the bad partition. It was made by Cavalry. There wasn't any warning, but coincidentally, I've been thinking lately that I should get two large capacity drives for real backups. Is there anything that can be done? I'm not even sure I have enough storage to backup everything even if it is redeemable.

    Read the article

  • My Portable Hard Drive with USB3 didn't work when connected to My Laptop, but it working with USB2 properly

    - by Mohammad Hasan Esfahanian
    I have Western Digital My Passport Essential Portable Hard Drive with USB3 and Model:WDBACY5000ABK-EESN. Until about two or three months ago when I connected that to My Laptop USB3 port, that worked very well. But now when I'm connecting that to My device, The system does not detect any Hard Drives. When plug in the USB2 port is working properly. I connected that to another Laptop whit USB3 port but I had the same problem. I tested My Laptop port with a Flash Memory by USB3 and ports were healthy and I'm sure they are working. For this issue, I changed the windows, but it still did not work. What can I do? Thanks in advance.

    Read the article

  • Computer Science Programming Certificate vs. Computer Science Degree?

    - by Jess
    I'm kind of in a tough spot. My current living conditions require that I work a full-time job while attending school. I've attended a UC in the past but had to withdraw my junior year due to financial issues at home. I currently work an entry-level IT corp job but I'm looking to further my salary/skills by getting a degree, or a programming certificate like this one: http://www.lavc.edu/voced1/CSITCertCSP/CSITCertFrameCSP.htm Herein lies the problem. I prefer getting a CS degree from an accredited university but I looked at the schedules for classes and it is impossible to work around my current 40/hr work week. There are random morning classes, with the occasional evening class, but the times get even more construed as I move my way up to the upper divisions. So what I guess I'm trying to get at is, can anyone lay out the pros and cons of obtaining a certificate vs. the degree (besides obvious points like the latter being 100x better)? I'm aware that having a degree is always going to be a better route, but...is the programming certificate useless? Should I not even bother?

    Read the article

  • wss4j: - Cannot find key for alias: monit

    - by feiroox
    Hi I'm using axis1.4 and wss4j. When I define in client-config.wsdd for WSDoAllSender and WSDoAllReceiver different signaturePropFiles where I have different key stores defined with different certificates, I'm able to have different certificates for sending and receiving. But when I use the same signaturePropFiles' with the same keystore. I get this message when I try to send a message: org.apache.ws.security.components.crypto.CryptoBase -- Cannot find key for alias: [monit] in keystore of type [jks] from provider [SUN version 1.5] with size [2] and aliases: {other, monit} - Error during Signature: ; nested exception is: org.apache.ws.security.WSSecurityException: Signature creation failed; nested exception is: java.lang.Exception: Cannot find key for alias: [monit] org.apache.ws.security.WSSecurityException: Error during Signature: ; nested exception is: org.apache.ws.security.WSSecurityException: Signature creation failed; nested exception is: java.lang.Exception: Cannot find key for alias: [monit] at org.apache.ws.security.action.SignatureAction.execute(SignatureAction.java:60) at org.apache.ws.security.handler.WSHandler.doSenderAction(WSHandler.java:202) at org.apache.ws.axis.security.WSDoAllSender.invoke(WSDoAllSender.java:168) at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32) at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118) at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83) at org.apache.axis.client.AxisClient.invoke(AxisClient.java:127) at org.apache.axis.client.Call.invokeEngine(Call.java:2784) at org.apache.axis.client.Call.invoke(Call.java:2767) at org.apache.axis.client.Call.invoke(Call.java:2443) at org.apache.axis.client.Call.invoke(Call.java:2366) at org.apache.axis.client.Call.invoke(Call.java:1812) at cz.ing.oopf.model.wsclient.ModelWebServiceSoapBindingStub.getStatus(ModelWebServiceSoapBindingStub.java:213) at cz.ing.oopf.wsgemonitor.monitor.util.MonitorUtil.checkStatus(MonitorUtil.java:18) at cz.ing.oopf.wsgemonitor.monitor.Test02WsMonitor.runTest(Test02WsMonitor.java:23) at cz.ing.oopf.wsgemonitor.Main.main(Main.java:75) Caused by: org.apache.ws.security.WSSecurityException: Signature creation failed; nested exception is: java.lang.Exception: Cannot find key for alias: [monit] at org.apache.ws.security.message.WSSecSignature.computeSignature(WSSecSignature.java:721) at org.apache.ws.security.message.WSSecSignature.build(WSSecSignature.java:780) at org.apache.ws.security.action.SignatureAction.execute(SignatureAction.java:57) ... 15 more Caused by: java.lang.Exception: Cannot find key for alias: [monit] at org.apache.ws.security.components.crypto.CryptoBase.getPrivateKey(CryptoBase.java:214) at org.apache.ws.security.message.WSSecSignature.computeSignature(WSSecSignature.java:713) ... 17 more How to have two certificates for wss4j in the same keystore? why it cannot find my certificate there when i have two certificates in one keystore. I have the same password for both certificates regarding PWCallback (CallbackHandler) My properties file: org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin org.apache.ws.security.crypto.merlin.keystore.type=jks org.apache.ws.security.crypto.merlin.keystore.password=keystore org.apache.ws.security.crypto.merlin.keystore.alias=monit org.apache.ws.security.crypto.merlin.alias.password=*** org.apache.ws.security.crypto.merlin.file=key.jks My client-config.wsdd: <deployment xmlns="http://xml.apache.org/axis/wsdd/" xmlns:java="http://xml.apache.org/axis/wsdd/providers/java"> <globalConfiguration> <requestFlow> <handler name="WSSecurity" type="java:org.apache.ws.axis.security.WSDoAllSender"> <parameter name="user" value="monit"/> <parameter name="passwordCallbackClass" value="cz.ing.oopf.common.ws.PWCallback"/> <parameter name="action" value="Signature"/> <parameter name="signaturePropFile" value="monit.properties"/> <parameter name="signatureKeyIdentifier" value="DirectReference" /> <parameter name="mustUnderstand" value="0"/> </handler> <handler type="java:org.apache.axis.handlers.JWSHandler"> <parameter name="scope" value="session"/> </handler> <handler type="java:org.apache.axis.handlers.JWSHandler"> <parameter name="scope" value="request"/> <parameter name="extension" value=".jwr"/> </handler> </requestFlow> <responseFlow> <handler name="DoSecurityReceiver" type="java:org.apache.ws.axis.security.WSDoAllReceiver"> <parameter name="user" value="other"/> <parameter name="passwordCallbackClass" value="cz.ing.oopf.common.ws.PWCallback"/> <parameter name="action" value="Signature"/> <parameter name="signaturePropFile" value="other.properties"/> <parameter name="signatureKeyIdentifier" value="DirectReference" /> </handler> </responseFlow> </globalConfiguration> <transport name="http" pivot="java:org.apache.axis.transport.http.HTTPSender"> </transport> </deployment> Listing from keytool: keytool -keystore monit-key.jks -v -list Enter keystore password: Keystore type: JKS Keystore provider: SUN Your keystore contains 2 entries Alias name: other Creation date: Jul 22, 2009 Entry type: PrivateKeyEntry Certificate chain length: 1 Certificate[1]: .... Alias name: monit Creation date: Oct 19, 2009 Entry type: trustedCertEntry

    Read the article

  • openSSL tutorial not fully working - Can sign but cannot restore original file

    - by djechelon
    I'm writing, and testing, a little tutorial for my groupmates involved in an openSSL homework. We have a bunch of PDF files, I'm the CA and each one should send me a signed PDF for me to be verified. I've told them to do the following (and tried to do it by myself) Request and obtain a certificate (I'll skip this part) Create a MIME message with the PDF file in it makemime -c "text/pdf" -a "Content-Disposition: attachment; filename=”Elaborato.pdf" Elaborato.pdf > Elaborato.pdf.msg Sign with openSSL openssl smime -sign -in Elaborato.pdf.msg -out Elaborato.pdf.p7m -certfile ca.pem -certfile nomegruppo.crt -inkey nomegruppo.key -signer nomegruppo.crt Verify with openssl smime -verify -in Elaborato.pdf.p7m -out Elaborato-verified.msg -CAfile ca.pem -signer nomegruppo.crt Extract attachment with munpack Elaborato-verified.msg View with Acrobat Reader The problem is that even if I get a file that (from its binary content) resembles a PDF file my current Ubuntu PDF viewer doesn't read it. The XXXElaborato.pdf extracted by munpack is a little bit smaller than the original. What's the problem with this procedure? In theory, they should send me the signed S/MIME message and I should be able to read the PDF within it. Why can't I restore the original content of the PDF file?

    Read the article

  • Is there a free PDF printer / distiller that creates signable documents?

    - by Coderer
    I've used various methods (mentioned elsewhere on this site) to create PDFs, using a printer driver or converting from PostScript, etc. The common problem is that if I open any of the output files in the newer versions of Adobe Reader, there's an option to "Place Signature" but it's greyed out, or gives an error message that the feature has been disabled for this document. As far as I can tell, there's an option set somewhere in the document metadata that tells Reader "allow the user to sign this document", or don't. None of the free/open source tools that have been been linked to in other SU posts have had this listed as an option (though to be fair I haven't actually downloaded and tried all of them). Is there a tool that does this? Can I just poke a bit with a hex editor somewhere to turn on this functionality? I can sometimes get access to Acrobat Professional to turn on this option, but doing it for every desired case would be more work than I care to do. The current workaround for single-page documents is: Print the document to PDF (possibly via postscript) Open a single-page blank PDF with the "signable" bit turned on in Reader create a custom "stamp" using the Reader markup tools, by importing the printed-to document "stamp" an image of the printed document on the blank page, hoping to get it centered about right place a signature over the document-but-not-really you just stamped This obviously does not scale well at all. It would be much better if I could: Print the document to PDF Drag the document to a simple shortcut / tool / whatever Open the document in Reader Place a signature in the document ETA: Sorry, maybe I should have been clearer -- I'm talking about the certificate-based digital signing available in Adobe Reader, not adding a virtual ink signature. Also, any solution really would have to be available offline.

    Read the article

  • Setting Key Usage attributes with Makecert

    - by nlawalker
    Is it possible to set Key Usage attributes using makecert, or any other tool I can use to generate my own test certificates? The reason I'm interested is that certificates used for BizTalk Server AS2 transport require a key usage of Digital Signature for signing and Data Encipherment or Key Encipherment for encryption/decryption, and I want to play around with this feature. I see how to set enhanced key usage attributes with makecert, but not key usage.

    Read the article

  • Import .pem public and private keys to JKS keystore

    - by Rolf
    Hi, I have public and private keys in separate .pem files that I would need to get into a JKS keystore somehow. Tried using the -import command in KeyTool for this, which gives an "not an X.509 certificate" error. I'm guessing the solution has to do with OpenSSL, but I'm not entirely sure what to do with it. Would really appreciate any help with this, since I'm completely clueless with everything crypto-related. Thanks in advance, --Rolf

    Read the article

  • Connected host failed to respond (internal NAT address)

    - by MostRandom
    I'm writing my first C# web application that connects to an XML based service. It requires that I present a certificate and feed the XML stream. It seems to authenticate properly but then it gives the following error: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond 10.1.10.4:3128 The funny thing is that I'm not on a proxy or anything like that. I'm connecting directly to the internet. At one point I we did use a proxy that with internal NAT address. So my question is: Does Visual Studio have some sort of default proxy setting that I need to change? This IP is no longer used for anything, so I know that I don't need to use any proxy authentication code. using System; using System.Data; using System.Configuration; using System.Collections; using System.Web; using System.Net; using System.Security.Cryptography.X509Certificates; using System.Web.Security; using System.Web.UI; using System.Web.UI.WebControls; using System.Web.UI.WebControls.WebParts; using System.Web.UI.HtmlControls; namespace WebApplication1 { public partial class _Default : System.Web.UI.Page { protected void Page_Load(object sender, EventArgs e) { Uri requestURI = new Uri("*site omitted*"); //Create the Request Object HttpWebRequest pageRequest = (HttpWebRequest)WebRequest.Create(requestURI); //After installing the cert on the server export a client cert to the working directory as Deluxe.cer string certFile = "*certificate omitted*"; X509Certificate cert = X509Certificate.CreateFromCertFile(certFile); //Pull in your Data, if it is from an external xml as below or create an xml string with variables if a dynamic post is required. string xmlPath = "*XML omitted*"; System.Xml.XmlDocument passXML = new System.Xml.XmlDocument(); passXML.Load(xmlPath); //XML String with the data needed to pass string postData = passXML.OuterXml; //Set the Request Object parameters pageRequest.ContentType = "application/x-www-form-urlencoded"; pageRequest.Method = "POST"; pageRequest.AllowWriteStreamBuffering = false; pageRequest.AllowAutoRedirect = false; pageRequest.ClientCertificates.Add(cert); postData = "xml_data=" + Server.UrlEncode(postData); pageRequest.ContentLength = postData.Length; //Create the Post Stream Object System.IO.StreamWriter postStream = new System.IO.StreamWriter(pageRequest.GetRequestStream()); //Write the data to the post stream postStream.Write(postData); postStream.Flush(); postStream.Close(); //Set the Response Object HttpWebResponse postResponse = (HttpWebResponse)pageRequest.GetResponse();

    Read the article

  • Not Jailbroken - getting Provisioning is not applicable for product type 'Application' in SDK Device

    - by quantumpotato
    Codesign warning: provisioning is not applicable for product type 'Application' in SDK Device - iPhone OS3.1'; ignoring.. Redownloaded my developer certificate, made a new provisioning profile, still getting this error. Searched the Xcode project and removed all lines referencing a Provisioning Profile, but that didn't seem to remove it from the project settings (went to show package contents, then opened the project file). Was originally on a different machine then transferred over, if that makes a difference? Thanks

    Read the article

  • Accessing an HTTPS web service from Glassfish based web-ap

    - by ring bearer
    Hi, I'm trying to access an HTTPS based web service URL from a web/ear application deployed on a Glassfish application server domain. We have obtained the certificate from the vendor that exposes the HTTPS URL What are the steps required for installing SSL certificates in order to access the web service ? (Though I know the outline, let me pretend I am layman) Thanks

    Read the article

  • How do I send email over SMTP with SSL using Java client?

    - by Ido
    I need to send email over smtp with ssl using java client. I'm not sure how to do that. If I have my server certificate installed on my Windows machine, how do I use it? If I want it to work on a non-Windows machine, do I need to get the certificates in a different way? BTW: If the SMTP server that I use is using SSL, can I be sure that it will send the mail to the recipient using SSL?

    Read the article

  • Syntax error for makecert.exe tool

    - by user340817
    Did I missed anything during this? I am running a this command from command prompt in Windows 7 to create a certificate but it is showing a syntax error. Command I ran: makecert.exe "c:\1\Test.cer" -a sha1 -n "CN=AppGuid" -sr LocalMachine -ss My -sky signature -pe -len 2048 Output I got: Usage: MakeCert [ basic|extended options] [outputCertificateFile] Basic Options -sk -ss -sr . . . Did I missed anything during this?

    Read the article

  • SHA2 Certificates in Windows 2003 CA

    - by rursw1
    Hi all, Is it possible to create a certificate template that uses SHA-2 (sha256, sha224, sha384, sha512), from a Windows server 2003 CA? I know how to do it in Windows server 2008 based CA, with the new version (version 3) - it is possible to specify the hash algorithm (Under the "Cryptography" tab of the template properties). But is it possible in 2003 based CA? Thanks.

    Read the article

  • Programmatically Determine If An Excel File (.xls) Contains Macros

    - by Gkakk McJkakk
    Is there any way to programmatically determine if an .xls contains macros, without actually opening it in Excel? Also are there any methods to examine which certificate (including timestamp cert) these macros are signed with? Again without using Excel. I'm wondering in particular if there are any strings that always show up in the raw data of an Excel file when macros are present.

    Read the article

< Previous Page | 34 35 36 37 38 39 40 41 42 43 44 45  | Next Page >